component-analysis topic

List component-analysis repositories

dependency-track

2.4k
Stars
517
Forks
Watchers

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

verified publisher icon DependencyTrack

dependency-check-sonar-plugin

565
Stars
130
Forks
Watchers

Integrates Dependency-Check reports into SonarQube

verified publisher icon dependency-check

dependency-check-plugin

127
Stars
71
Forks
Watchers

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

verified publisher icon jenkinsci

awesome-sca

90
Stars
29
Forks
Watchers

A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.

verified publisher icon hysnsec

dependency-track-maven-plugin

60
Stars
19
Forks
Watchers

Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.

verified publisher icon pmckeown

dtrack-audit

47
Stars
14
Forks
Watchers

OWASP Dependency Track API client for intergration into CI/CD pipeline

verified publisher icon ozontech

berryjam

104
Stars
8
Forks
Watchers

Open Source Vue.js Component Analyzer - Save time communicating and effort in development to create better and more efficient code

verified publisher icon logicspark

dependency-track-plugin

43
Stars
27
Forks
Watchers

Main repository for the official Dependency-Track Jenkins plugin

verified publisher icon jenkinsci

cyclonedx-go

20
Stars
3
Forks
Watchers

Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues in 3rd party modules.

verified publisher icon ozonru